Global browser security changes

Southern Cross Health Society takes the security and protection of our members’ data very seriously, and data protection is a critical priority for us.

We’ll be strengthening our security protocols in line with a global security changes being implemented by major web browser vendors in relation to Transport Layer Security (TLS).

This will mean that some users on older web browsers or operating systems may not be able to access our online services from 28 February 2020.

What you need to do

Please check all devices at work and at home that may be used for work purposes, and update the web browsers used to access Southern Cross services if required as below:

Desktop computers and laptops

For Windows-based computers using Windows 8 or below, you will need to update the web browser to either Chrome or Firefox. Internet Explorer will no longer be supported on those operating systems.

For Mac OS-based computers, ensure you are using Safari (version 9 or above), Chrome or Firefox.

There is no cost to update your web browser, but we recommend you seek assistance from your IT support person if you are unsure how to proceed.

Smartphones and tablets

Mobile devices being used to access Southern Cross services must be running iOS version 9 or above, or Android version 5 or above – if the device is on a lower version and not capable of being upgraded, you will need to use a different device.

You can check the software version of your device by going to Settings > General > About (iOS) or Apps > Settings > About Device > Software Info (Android).

A more technical explanation

To ensure the security of our member’s information when transacting with us online, we use a security protocol known as Transport Layer Security – or TLS for short. TLS has been around for 20 years and there have been several version changes to the protocol since it was introduced - TLS 1.2 is now the most widely used, with version 1.3 gaining momentum.

We have to date ensured our online services support older versions of the TLS protocol to ensure those using older computers and web browsers can successfully access and use our systems. However, security vulnerabilities have been identified in those older versions which could lead to disclosure of protected information to third parties (also known as a data breach).

This has led to a global effort to switch off support for older versions of TLS to help close this gap. Apple, Google, Microsoft and Mozilla are removing support for outdated encryption technologies, and as a result Southern Cross will be switching off support for the TLS 1.0 and TLS 1.1 encryption standard, and also for outdated encryption ciphers, from 28 February 2020.

Need more information?

Please get in touch with your usual Southern Cross point of contact using the links below: